Corporate India have encountered rising cases of cybercrime but incident response mechanisms to tackle these risks remains low, states EY’s Fraud Investigation & Dispute Services report, Responding to cybercrime incidents in India. The report highlighted that a majority (about two third) of businesses were unable to detect a cyber incident in real time due to insufficient understanding of the motive behind the attack. Almost 89% stated a need to enhance cyber laws - 55% said laws need to be strengthened and 34% said they need to be more clear.

“Corporate India’s exposure to cybercrime risks has magnified significantly over the last few years, with attacks becoming exceedingly complex, targeted and globalized. The shift to a digital economy has also uncovered vulnerabilities in many organizations and highlighted the need to build strong cyber strategies. The ability to foresee and remediate future threats will separate the better prepared organization from the rest,” said Arpinder Singh, Partner and National Leader, Fraud Investigation & Dispute Services of EY India.

“The threat from cybercrime is multi-dimensional, targeting citizens, corporates and the Government at an alarming rate. Increased public awareness and regulatory initiatives such as ‘Digital India’ have directed organizations to invest in setting up cybersecurity measures in line with the nation’s objectives. Equipping companies with innovative strategies and tools will be paramount going forward,” said Brijesh Singh, IPS, Inspector General - Cyber, Maharashtra.

“Cyber criminals have been exploiting the lack of real-time response by organizations triggered by an incident to their advantage. This calls for the implementation of a robust cyber defense strategy, supplemented by a diagnostic program and incident response mechanism. Increased spend on augmenting cyber capabilities and deploying specialist teams will be the need of the hour for organizations to successfully handle incidents,” said Amit Jaju, Executive Director, Fraud Investigation & Dispute Services, EY India.

The report by EY’s Fraud Investigation & Dispute Services team comprises over 160 in-depth interviews with senior and mid management. Over 50% of the respondents employed from listed companies. Some key highlights of the report include:

Inside threats on the rise
One fifth of the respondents asserted that employees are one of the weakest links in an organization’s defence mechanisms. Most companies tend to put in a concentrated effort to mitigate external threats, but the impact of insider threats is undermined. Organizations should realize that insider threats could pose a significant risk to their proprietary information and it’s important to strike a balance in managing both internal as well as external risks to protect critical assets.

Social media – the big cybercrime vector
Almost all respondents (90%) identified social media as a big risk, possessing a high probability of being used to identify and target key individuals in organizations. A mobile workforce, increased sharing of personal and professional information on social media channels, and gaps in protecting this information could evolve as a significant cyber hazard. Emerging techniques such as phishing or spoofing can make unsuspecting employees even more vulnerable.

Cyber specialists are critical to deal with incidents
72% of the respondents believe their company’s IT security teams do not have enough specialists to deal with cybercrime incidents, directing companies to invest in quality staff who can tackle these concerns. Only 40% of the respondents believe their techniques around proactive monitoring of cybercrime are adequate and 44% stated having robust data protection programs.

Increased investments required in investigation capabilities
Less than half of the respondents surveyed are planning to increase cyber security spends, indicating that incident response is still not on the priority list. Organizations need to understand that the quantum of losses suffered because of a cyber breach will continue to escalate in the future, and there is a heightened need to make investments in building robust cyber diagnostic programs, provide remediation approach, cyber threat intelligence and incident response.